IN THE CLAIMS : 

Please amend claims 1-3, 5, 6, 8-22, 26-30, 33, 35-41, and 44-47; and 
Please add claim 49 as follows. 

1 . (Currently Amended) An apparatus, for verifying the s e curity integrity of 
remote network devices, comprising: 

a proxy deviee-configured to receive a request for network services by at least one 
remote network device and to perform a security integrity scanning operation on the 
requesting remote network device, wherein the security scanning operation is performed 
at least one of before , and after, the remote network device signs on to the proxy devic e; 
and 

an authorization processing unit processor and access control rules unit access rules 
controller configured to determine if the remote network device is authorized to access 
the requested network services based on the results of the security scanning operation. 

2. (Currently Amended) The apparatus as recited in claim 1, wherein the 
proxy device makes integrity security decisions regarding access to network services by a 
remote network device on a request-by-request basis. 

3. (Currently Amended) The apparatus as recited in claim 1, wherein the 
access control rules unit access rules controller includes a plurality of variables used to 
generate a set of security properties for each remote network device. 
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4. (Original) The apparatus as recited in claim 3, wherein the set of security 
properties may be different for each remote network device that accesses and requests 
service through the network. 

5. (Currently Amended) The apparatus as recited in claim 1, wherein the 
proxy device uses at least one script to select of the type of scanning operations to be 
performed for each remote network device accessing the network. 

6. (Currently Amended) The apparatus as recited in claim 5, wherein the 
proxy device uses a Java applet to execute the desired script on the remote network 
device. 

7. (Previously Presented) The apparatus as recited in claim 6, wherein a 
signed applet executing the script, is allowed to access the remote network device for the 
purposes of executing programs as well as to search and read specific data files that 
reside on the remote network device. 

8. (Currently Amended) The apparatus as recited in claim 1 5 wherein the 
authorization processor refers to a series of variable values in the access control rule 
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Mft kaccess rules controller to determine if a remote network device is authorized to access 
the requested network service. 

9. (Currently Amended) A system for verifying security integrity of remote 
network d e vices, comprising: 

at least one remote network device configured to acc e sses access a network via a 
network connection to make a request for one or more network resident services; 

a gateway device configured to receive the request for services and perform a 
security integrity scanning operation on the remote network device prior to allowing 
access to the requested network services, wherein the security scanning operation is 
performed at least eae-e^before and after the remote network device signs on to the 
gatewa y device ; 

an authentication server that verifies configured to verify user authentication 
credentials of users of remote network devices that access the network; and 

at least one network server that providcs configured to provide requested network 
services to at least one remote network deviee-accessing the network through the gateway 
device . 

10. (Currently Amended) The system as recited in claim 9, wherein the 
gateway deviee-further comprises a proxy server to establish a data communication 
connection between the remote network device and the network server. 
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11. (Currently Amended) The system as recited in claim 9, wherein said 
gateway deviee-further comprises an access control rules unit access rules controller used 
to determine if a remote network devic e is authorized to access the requested network 
services. 

12. (Currently Amended) The system as recited in claim 9, wherein the 
gateway device makes integrity security decisions regarding access to network services 
by a remote network device on a request-by-request basis. 

13. (Currently Amended) The system as recited in claim 9 3 wherein the access 
control rules unit access rules controller includes the plurality of variables used to 
generate a set of security properties for each remote network-deviee. 

14. (Currently Amended) The system as recited in claim 13, wherein the set of 
security properties may be different for each remote network device that accesses and 
requests service through the network. 

15. (Currently Amended) The system as recited in claim 9, wherein the proxy 
d e vice uses at least one script to select of the type of scanning operation to be performed 
for each remote network device accessing the network. 
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16. (Currently Amended) The system as recited in claim 15, wherein the proxy 
deviee-uses a Java applet to execute the desired script on the remote network device. 

17. (Currently Amended) The system as recited in claim 16, wherein a signed 
applet executing the script, is allowed to access the remote network device for the 
purposes of executing programs as w e ll as and to search and read specific data files that 
reside on the remote network device. 

18. (Currently Amended) The system as recited in claim 9, further comprising: 
the use of secure socket layer (SSL) to protect data communicated between the 

remote device and the gateway-de¥*ee. 

19. (Currently Amended) The system as recited in claim 11, wherein the 
gateway device further comprises an authorization processor that refers to a series of 
variable values in the access control rul e unit access rules controller to determine if a 
remote network device is authorized to access the requested network service. 

20. (Currently Amended) The system as recited in claim 9, wherein the 
networks used for establishing communication between said remote network device and 
said gateway comprises comprise g lobal system for mobile communications (GSM) , 
general packet radio service (GPRS) , wireless application protocol (WAP) , enhanced data 
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for gam -global system for mobile communications evolution (EDGE) , or universal 
mobile telecommunications system (UMTS) . 

21. (Currently Amended) The system as recited in claim 9, wherein the remote 
network device can either be a public kiosk, personal computer, cellular telephone, 
satellite telephone, personal assistant or BLUETOOTH device. 

22. (Currently Amended) A methods for verifying s e curity integrity of remote 
network devices, tho method comprising: 

defining at l e ast one variable used as a vehicle to convey results of a scanning 
process; 

downloading verification software via a network connection to the remote network 
device that performs performing scanning process and Fep€4fe -reporting result used in 
scanning script, including at least one variable s defined to be used as a vehicle to convey 
results of a scanning process; 

performing at least one scanning operation on the remote network device to verify 
#*e-a_security integrity of the remote device, wherein the scanning operation is performed 
at least one of before and after the remote device signs on to a gateway device which is 
configured to perform the at least one scanning operation; and 
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obtaining providing the results of the scanning operation for purposes of 
determining whether or not the remote network device is authorized to access the 
requested network services. 

23. (Original) The method as recited in claim 22 wherein, the making of 
security decisions with regard to a request for network services by a remote network 
device is done on a per-request basis. 

24. (Previously Presented) The method as recited in claim 22 wherein, an array 
of variables is used to generate a set of security properties for each remote network 
device. 

25. (Original) The method as recited in claim 24, wherein the set of security 
properties may be different for each remote network device that accesses and requests 
service through the network. 

26. (Currently Amended) The method as recited in claim 22, further 
comprising: 

selecting at least one script for the type of scanning operation to be performed for 
each remote network device that accesses the network. 
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27. (Currently Amended) The method as recited in claim 26, further 
comprising; 

executing the desired script on the remote network device by using a signed Java 

applet. 

28. (Currently Amended) The method as recited in claim 16, further 
comprising: 

using a signed applet for executing the script to access the remote network device 
for the purposes of executing programs, searching, and reading specific data files that 
reside on the remote network device. 

29. (Currently Amended) The method as recited in claim 22, further 
comprisingi 

assigning a values to a set of variables in the verification software resulting from 
the scanning process of the remote network device. 

30. (Currently Amended) The method as recited in claim 22, further 
comprising using; 

secure socket layer (SSL) to protect the data communicated between the remote 
device and the gateway. 
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31. (Previously Presented) The method as recited in claim 29, wherein 
referencing an assigned series of variable values in the access control rules determines if 
a remote network device is authorized to access the requested network service. 

32. (Currently Amended) The method as recited in claim 22, further 
comprising^ 

making authorization decisions based in part on results returned by the scanning 
process. 

33. (Currently Amended) The method as recited in claim 22, further 
comprising; 

transmitting and receiving data, information and applications content between a 
remote device and the gateway comprises global system for mobile communications 
(GSM) , general packet radio service (GPRS) , wireless application protocol (WAP) , 
enhanced data for gsm- global system for mobile communications evolution (EDGE) , or 
universal mobile telecommunication system (UMTS) . 

34. (Previously Presented) The method as recited in claim 22, wherein the 
remote network device is a public kiosk, personal computer, cellular telephone, satellite 
telephone, personal assistant or BLUETOOTH device. 
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35. (Currently Amended) A method, for assessing the integrity of remote 
network devices for purposes of regulating access to network services via a n e twork 
gateway comprising: 

defining at least one access control policy for accessing network services wherein 
the access control policy depends, at least in part, on the results of an integrity scan 
performed on the-aremote network device; 

downloading verification software that an administrator can specify specifying 
what scan scripts are to be used under what conditions to the remote network device; 

performing — an — integrity — sean — en — the — remote — n e twork — device — and 
convevin g receiving at least one result of the- an integrity scan from the remote network 
device teat a gateway device, wherein the integrity scan is performed at least one of 
before and after the remote device signs on to the gateway device; and 

regulating access by the remote network device to network services via the 
gateway device based, at least in part, on the results of the integrity scan. 

36. (Currently Amended) The method as recited in claim 35, further 
comprising! 

making access control decisions with regard to a remote network device on a per- 
service basis. 
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37. (Currently Amended) The method as recited in claim 35, further 
comprising: 

using at least one defined variable in each access control policy. 

38. (Currently Amended) The method as recited in claim 35, further 
comprising: 

sending the results of the integrity scan to the gateway in the form of an assigned 
value for the defined variable. 

39. (Currently Amended) The method as recited in claim 35 further 
comprising: 

using a script to specify the integrity scan operations that will be performed on the 
remote network device. 

40. (Currently Amended) The method as recited in claim 35, further 
comprising! 

using a signed Java applet as verification software to be downloaded to the remote 
network device. 

41. (Currently Amended) The method as recited in claim 39, further 
comprising: 
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using a signed applet executing the script to access the remote network device for 
executing programs, searching, and reading specific data files that reside on the remote 
network device. 

42. (Original) The method of claim 35, wherein a plurality of variables is used 
to determine the access control policy for each remote network device accessing the 
network. 

43. (Original) The method as recited in claim 42, wherein the access control 
policy for each remote network device is different. 

44. (Currently Amended) The method as recited in claim 38, wherein 
referencing to an assigned series of variable values in the access control rules determines 
if a remote network device is authorized to access the requested network service. 

45. (Currently Amended) The method as recited in claim 35, further 
comprising: 

using secure socket layer (SSL) to protect data communicated between the remote 
device and the gateway. 
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46. (Currently Amended) The method as recited in claim 35, further 
comprising: 

making authorization decisions based in part on results returned by the scanning 
process. 

47. (Currently Amended) The method as recited in claim 35 5 further 
comprising: 

transmitting and receiving data, information and applications content between a 
remote device and the gateway using either global system for mobile communications 
(GSM) , general packet radio service (GPRS) , wireless application protocol (WAP) , 
enhanced data for gsm- global system for communications evolution (EDGE) , universal 
mobile telecommunication system (UMTS) or other similar wireless network protocol. 

48. (Previously Presented) The method as recited in claim 35, wherein the remote 
network device is a public kiosk, personal computer, cellular telephone, satellite 
telephone, personal assistant or BLUETOOTH device. 

49. (New) An apparatus, comprising: 

proxying means for receiving a request for network services by at least one remote 
network device and to perform a security integrity scanning operation on the requesting 
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remote network device, wherein the security scanning operation is performed at least 
before the remote network device signs on to the proxy; and 

authorization processing means and access rules controlling means for 
determining if the remote network device is authorized to access the requested network 
services based on the results of the security scanning operation. 
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